millions-camera-36633
04/04/2019, 4:20 AMpulumi.output
, then export it as a stack output, it doesn't seem to appear in the stack outputs, where as outputs that are a side effects of creating a resource dowhite-balloon-205
millions-camera-36633
04/04/2019, 4:23 AMexport function setupRds(nodeSecurityGroup: aws.ec2.SecurityGroup){
const config = new pulumi.Config();
const existingDatabaseUrl = config.get("use_database_url");
const newDatabaseConfig = config.get("create_database");
const project = pulumi.getProject();
let databaseUrlOutput;
const configErrorMessage = `RDS config: specify either a URL to use (${project}:use_database_url) or options to create an RDS instance (${project}:create_database: '{"instanceClass": "db.t3.small", "allocatedStorage": 5}').`;
if ((existingDatabaseUrl || "").length > 0 && (newDatabaseConfig || "").length > 0) {
throw new Error(configErrorMessage)
}
if((existingDatabaseUrl || "").length > 0) {
databaseUrlOutput = pulumi.output(existingDatabaseUrl);
} else if ((newDatabaseConfig || "").length > 0) {
const dbConfig = config.getObject<{instanceClass: string, allocatedStorage: number}>("create_database");
if(!dbConfig || !dbConfig.instanceClass || !dbConfig.allocatedStorage) {
throw new Error(configErrorMessage);
}
const dbUsername = "apollo";
const dbName = "apollo";
const dbPort = 5432;
// <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.Scenarios.html#USER_VPC.Scenario1>
const dbSecurityGroup = new aws.ec2.SecurityGroup("apollo-rds-sg", {
ingress: [
{ protocol: "tcp", fromPort: 0, toPort: 65535, securityGroups: [nodeSecurityGroup.id] }, // All TCP
{ protocol: "tcp", fromPort: dbPort, toPort: dbPort, securityGroups: [nodeSecurityGroup.id] }, // Postgres
{ protocol: "icmp", fromPort: -1, toPort: -1, securityGroups: [nodeSecurityGroup.id] }, // All ICMP
],
vpcId: nodeSecurityGroup.vpcId
})
const dbPassword = new random.RandomString("db-password", {
length: 12,
special: false
});
const rdsInstance = new aws.rds.Instance("apollo-rds", {
engine: "postgres",
instanceClass: dbConfig.instanceClass,
username: dbUsername,
password: dbPassword.result,
name: dbName,
port: dbPort,
publiclyAccessible: false,
allocatedStorage: dbConfig.allocatedStorage,
vpcSecurityGroupIds: [dbSecurityGroup.id],
skipFinalSnapshot: true
});
databaseUrlOutput = pulumi.all([rdsInstance.endpoint, dbPassword.result]).apply(
([endpoint, password]) => `postgres://${dbUsername}:${password}@${endpoint}/${dbName}`);
}
return databaseUrlOutput;
}